Create a Self Signed SSL Certificate on Apache for Ubuntu 15.04

Introduction

SSL stands for Secure Sockets Layer. An SSL certificate encrypts the data that is sent and received by the client without the possibility of someone reading the data in the middle, mostly known as man in the middle attack.

In this tutorial, we will create a self-signed SSL certificate for Apache. While using a self-signed SSL certificate is secure and encrypts the data between the server and the client, we highly suggest that you purchase an SSL certificate from a trusted SSL certificate provider.

Installing Apache and SSL module

If you don't already have Apache installed, you can use the following command to install apache using Ubuntu Apt-get.

# sudo apt-get update
# sudo apt-get install apache2

Apache web server comes with an SSL module, we can enable the SSL module using the command:

# sudo a2enmod ssl
# sudo service apache2 restart

Generating the SSL Certificate

First, we need to create a directory to store the SSL certificates.

# sudo mkdir /etc/apache2/ssl

Now we will use the OpenSSL package that comes pre-installed with Ubuntu 15.04 to create the SSL certificates.

The above command will generate a 2048-bit private key and an SSL certificate that will be valid for 365 days.

Now you will be asked to answer few questions. It is important that you set the Common Name option appropriately, you need to enter the domain name or the public IP address if you do not have a domain.

Configuring Apache

We need to edit the default SSL configuration for apache to use the certificate we generated. In this tutorial we will use vim to edit the configuration file, you can use your preferred text editor to edit the file below.

# sudo vim /etc/apache2/sites-available/default-ssl.conf

Edit or add the following lines and replace it using your own details.